Welcome to Open Carnage

A resource for gamers and technology enthusiasts, with unique means of rewarding content creation and support. Have a wander to see why we're worth the time!

Sign in to follow this  
Followers 0
Krazychic

Code-execution flaws threaten users of routers, Linux, and other OSes

150711218131093.jpg

 

Google researchers have discovered at least three software bugs in a widely used software package that may allow hackers to execute malicious code on vulnerable devices running Linux, FreeBSD, OpenBSD, NetBSD, and macOS, as well as proprietary firmware.

 

Spoiler

Dnsmasq, as the package is known, provides code that makes it easier for networked devices to communicate using the domain name system and the Dynamic Host Configuration Protocol. It's included in Android, Ubuntu, and most other Linux distributions, and it can also run on a variety of other operating systems and in router firmware. A blog post published Monday by security researchers with Google said they recently found seven vulnerabilities in Dnsmasq, three of which were flaws that allowed the remote execution of malicious code.

 

One of the code-execution flaws, indexed as CVE-2017-14493, is a "trivial-to-exploit, DHCP-based, stack-based buffer overflow vulnerability." Combined with a separate information leak bug Google researchers also discovered, attackers can bypass a key protection known as address space layout randomization, which is designed to prevent malicious payloads included in exploits from executing. As a result, exploits result in a simple crash, rather than a security-compromising hack. By chaining the code-execution and information leak exploits together, attackers can circumvent the defense to run any code of their choosing.

 

The Google researchers said that they worked with the maintainer of Dnsmasq to patch the vulnerabilities in version 2.78, which is available here. The researchers also said that Android was affected by one of the less-severe bugs, and a fix is being distributed in the October Android security update that will be pushed out to a select number of devices in the coming weeks. There's no mention what upstream OSes that use Dnsmasq are affected by the more serious flaws or if patches are publicly available yet. The other six vulnerabilities are: CVE-2017-14491, CVE-2017-14492, CVE-2017-14494, CVE-2017-14495, CVE-2017-14496, and CVE-2017-13704.

 

The Google post doesn't mention mitigations or other protections users of affected platforms can take while they wait for patches to become available. Attempts to reach independent security researchers for analysis weren't immediately successful. This post will be updated if any researchers reply after it goes live. In the meantime, concerned readers should contact the software maintainers directly to find out when patches will be available.

 

Source


Rumors are carried by haters
Spread by fools
and
Accepted by idiots

Share this post


Link to post
Share on other sites

Members of Open Carnage never see off-site ads.

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!


Register a new account

Sign in

Already have an account? Sign in here.


Sign In Now
Sign in to follow this  
Followers 0
  • Recently Browsing   0 members

    No registered users viewing this page.